1 Page 1 sur 10 Magic Quadrant for Secure Web Gateways 23 June 2014 ID:G Analyst(s): Lawrence Orans, Peter Firstbrook VIEW SUMMARY The SWG market is evolving rapidly as vendors respond to the mobility trend and the evolving threat landscape. SWG vendors are highly differentiated in their ability to deliver cloud-based services, and to protect users with advanced threat defense features. Market Definition/Description Secure Web gateways (SWGs) utilize URL filtering, advanced threat defense, legacy malware protection and application control technologies to defend users from Internet-borne threats, and to help enterprises enforce Internet policy compliance. SWGs are delivered as on-premises appliances (hardware and virtual) or cloud-based services. Vendors differ greatly in the maturity and features of their cloud-based services, and in their ability to protect enterprises from advanced threats. The vast majority of enterprises still implement SWGs as on-premises appliances. Gartner estimates that, in 2013, 77% of SWG implementations were on-premises and 23% were cloud-based. Comparing these values to those from 2012 (86% on-premises and 14% cloud) indicates that cloud-based services are growing more quickly than on-premises appliances. Despite the rapid growth in cloud adoption, and the inevitable need to protect laptops and mobile devices as users bypass the corporate network to go directly to the Internet, the market for cloud-based SWG services is far from mature. Vendor differentiation remains high in key areas of cloud services, such as global coverage (number of countries and data centers), support for mobile operating systems and the ability to deliver hybrid (cloud and on-premises) implementations. In the Vendor and section below, the write-ups for each vendor highlight key characteristics of cloud-based support. The evolving threat landscape has forced SWG vendors to respond by adding technologies to defend against advanced threats. There are several techniques for combating advanced threats (see "Five Styles of Advanced Threat Defense"), and sandboxing has emerged as the most commonly implemented approach by SWG vendors in 2013 and Some have implemented sandboxing with separate on-premises appliances, whereas others have taken a cloud-based approach. SWG vendors have added sandboxing by developing it internally, by licensing technology from OEM providers or by acquiring a sandbox vendor. In the Vendor and write-ups below, we analyze each vendor's approach to sandboxing and advanced threat defense. Magic Quadrant Figure 1. Magic Quadrant for Secure Web Gateways EVALUATION CRITERIA DEFINITIONS Ability to Execute Product/Service: Core goods and services offered by the vendor for the defined market. This includes current product/service capabilities, quality, feature sets, skills and so on, whether offered natively or through OEM agreements/partnerships as defined in the market definition and detailed in the subcriteria. Overall Viability: Viability includes an assessment of the overall organization's financial health, the financial and practical success of the business unit, and the likelihood that the individual business unit will continue investing in the product, will continue offering the product and will advance the state of the art within the organization's portfolio of products. Sales Execution/Pricing: The vendor's capabilities in all presales activities and the structure that supports them. This includes deal management, pricing and negotiation, presales support, and the overall effectiveness of the sales channel. Market Responsiveness/Record: Ability to respond, change direction, be flexible and achieve competitive success as opportunities develop, competitors act, customer needs evolve and market dynamics change. This criterion also considers the vendor's history of responsiveness. Marketing Execution: The clarity, quality, creativity and efficacy of programs designed to deliver the organization's message to influence the market, promote the brand and business, increase awareness of the products, and establish a positive identification with the product/brand and organization in the minds of buyers. This "mind share" can be driven by a combination of publicity, promotional initiatives, thought leadership, word of mouth and sales activities. Customer Experience: Relationships, products and services/programs that enable clients to be successful with the products evaluated. Specifically, this includes the ways customers receive technical support or account support. This can also include ancillary tools, customer support programs (and the quality thereof), availability of user groups, service-level agreements and so on. Operations: The ability of the organization to meet its goals and commitments. Factors include the quality of the organizational structure, including skills, experiences, programs, systems and other vehicles that enable the organization to operate effectively and efficiently on an ongoing basis. Completeness of Vision Market Understanding: Ability of the vendor to understand buyers' wants and needs and to translate those into products and services. Vendors that show the highest degree of vision listen to and understand buyers' wants and needs, and can shape or enhance those with their added vision. Marketing Strategy: A clear, differentiated set of messages consistently communicated throughout the organization and externalized through the website, advertising, customer programs and positioning statements. Sales Strategy: The strategy for selling products that uses the appropriate network of direct and indirect sales, marketing, service, and communication affiliates that extend the scope and depth of market reach, skills, expertise, technologies, services and the customer base. Offering (Product) Strategy: The vendor's approach to product development and delivery that emphasizes differentiation, functionality, methodology and feature sets as they map to current and future requirements. Business Model: The soundness and logic of the vendor's underlying business proposition. Vertical/Industry Strategy: The vendor's strategy to direct resources, skills and offerings to meet the specific needs of individual market segments, including vertical markets. Innovation: Direct, related, complementary and synergistic layouts of resources, expertise or capital for investment, consolidation, defensive or pre-emptive purposes.
2 Page 2 sur 10 Geographic Strategy: The vendor's strategy to direct resources, skills and offerings to meet the specific needs of geographies outside the "home" or native geography, either directly or through partners, channels and subsidiaries as appropriate for that geography and market. Source: Gartner (June 2014) Vendor and Barracuda Networks Barracuda offers the Barracuda Web Filter appliances and the cloud-based Barracuda Web Security Service. Barracuda customers typically implement its appliances in transparent bridge mode to view all network traffic, but the appliances can also be implemented in proxy mode. In 2013, Barracuda gained a new CEO; later that November, it launched an initial public offering (IPO) and became a publicly traded company. In 2014, Barracuda agreed to license Lastline's cloud-based sandbox technology. Barracuda Web Filter appliances are good candidates for small or midsize businesses (SMBs) and costconscious enterprises. Barracuda offers a low-cost solution that is easy to use with competitive functionality. The vendor's Instant Replacement program, which provides next-business-day shipping of replacement units, includes a free appliance replacement unit every four years. Application control is strong. In-line deployments of Barracuda's SWG enable it to filter all ports and protocols. Features include granular social media controls and social media archiving. Barracuda provides a free, lightweight mobile data management (MDM) capability to simplify the management of policies on mobile devices running Apple ios and Android. Partnerships with wireless vendors Meru and Ruckus Wireless enable single sign-on (SSO). When a user authenticates to a Ruckus or Meru access point, the user's credentials are shared with the Barracuda SWG. The user's activity can be monitored on the Internet, without requiring the user to authenticate directly to Barracuda's SWG. The cloud-based service is missing a number of enterprise features. For example, it lacks IPsec support for traffic redirection, and it does not inspect Secure Sockets Layer (SSL) traffic. Barracuda's integration with Lastline is in its initial phases, and is not yet tightly integrated. The initial integration lacks the ability to defend against targeted attacks (although it does improve Barracuda's ability to defend against zero-day threats). Barracuda's advanced threat defense strategy is heavily dependent on the technology that it has licensed from Lastline, which is a small company. If Lastline's status changes, then Barracuda may need to revisit its advanced threat strategy. Blue Coat Systems Blue Coat was acquired by private equity firm Thoma Bravo in February Since the acquisition, Blue Coat acquired several security companies, including Netronome (SSL appliances) in May 2013, Solera Networks (full packet capture for network forensics) in May 2013 and Norman Shark (appliancebased sandbox) in December Blue Coat also introduced the Content Analysis System (CAS), an internally developed malware detection appliance that analyzes traffic forwarded to it by Blue Coat's ProxySG. In addition to its appliance-based offerings, Blue Coat offers a cloud-based SWG service. Blue Coat's appliances are good candidates for most large-enterprise customers, particularly those requiring highly scalable SWGs. Blue Coat's cloud service is a good option for most enterprises.
3 Page 3 sur 10 The ProxySG is the strongest proxy in the market in terms of breadth of protocols and the number of advanced features. It supports a broad set of protocols as well as extensive authentication and directory integration options. Blue Coat has made good progress in integrating the products that it has acquired. For example, its CAS can automatically deposit suspicious files in the Malware Analysis Appliance (sandbox). The CAS also integrates with FireEye's Web Malware Protection System (MPS; however, the CAS does not yet integrate with FireEye's NX series, which is the updated version of the MPS). The Security Analytics solution (Solera Networks technology) integrates with the Malware Analysis Appliance (Norman Shark technology) and provides a forensic analysis of packets associated with a suspicious file. Blue Coat's cloud offering includes multitenant IPsec gateways, which enable it to support a wide range of mobile devices. Blue Coat agents are available for Windows, Mac OS X, Apple ios and Android. Because Blue Coat's advanced threat defense solution requires multiple components, it is expensive. The ProxySG does not deposit suspicious files in the Malware Analysis Appliance. Customers must purchase the CAS if they want to automatically detect suspicious files and analyze them in the Malware Analysis Appliance. Blue Coat's hybrid implementation of its cloud and on-premises offerings is incomplete. Policy synchronization is not bidirectional (it supports synchronization only from the cloud to on-premises appliances). Downloading logs from the cloud to on-premises appliances can be scheduled only hourly. Blue Coat's Reporter application lacks severity indicators for prioritizing alerts. Cisco Cisco offers the appliance-based Web Security Appliance (WSA) and the cloud-based Cloud Web Security (CWS) service. The WSAs are implemented as proxies. In October 2013, Cisco completed its acquisition of Sourcefire; in May 2014, it announced its intent to acquire ThreatGRID, whose primary offering is a cloud-based sandboxing service. In February 2014, Cisco announced its cloud-based Cognitive Threat Analytics (CTA) feature, based on technology from its acquisition of Cognitive Security in February Cisco's WSA products are good options for most midsize and large enterprises, while the CWS service is a good option for most enterprises. Cisco has integrated a traffic redirection feature a critical component of any cloud service into some of its on-premises equipment. The ASA firewall, Integrated Services Router (ISR) Generation 2 and WSA all support Cisco's "connector" software, which directs traffic to the CWS service. Traffic redirection is enabled via a menu item when configuring these appliances. Mobile platform support is a strength of the CWS service for customers that have already implemented Cisco's popular AnyConnect client. The cloud service supports Windows, Mac OS X, Apple ios, Android, Windows Phone 8 and BlackBerry. Sourcefire's Advanced Malware Protection (AMP) technology is available as an option on Cisco's WSA and CWS service (separate license fees apply). Cisco's intended acquisition of ThreatGRID and its sandboxing technology will complement the filebased advanced threat defense technology that it acquired from Sourcefire. Gartner expects that Cisco will integrate the WSA with a ThreatGRID-based appliance (but not before 2015), so that suspicious files can be further analyzed in a sandbox environment. The combination of file-based and sandboxing technologies should reduce false positives and improve the accuracy of malware and advanced threat detection. Cisco has been slow to integrate its cloud-based SWG (ScanSafe acquisition of 2009) with its onpremises SWG (IronPort acquisition of 2007). Customers seeking a hybrid cloud/on-premises solution will need two consoles. The consoles lack policy synchronization (to share policies between cloud and on-premises users). Log synchronization is not configurable by the customer, but on customer request, Cisco can automate log synchronization up to four times per day. The CTA capability is not available to WSA customers. Only CWS customers can utilize the CTA functionality. Getting maximum value from AMP requires implementing FireAMP Connector agents on network endpoints. The FireAMP Connectors are optional, but without them, the AMP-integrated SWG provides reduced monitoring and investigative functionality. Cisco's cloud service has a surprisingly small global footprint (15 countries), given Cisco's resources and the number of years it has been in the SWG market. Newer rivals have been more aggressive in global expansion. The cloud service also lacks support for IPsec. ContentKeeper Technologies ContentKeeper Technologies is based in Australia, where it has many large government, education and commercial customers. It offers a family of SWG appliances that deploy in transparent bridge mode, and it also provides a hosted cloud-based service. ContentKeeper's advanced threat solutions can be implemented on-premises or in its hosted cloud service. ContentKeeper is a good option for midsize and large organizations, and for K-12 schools in supported geographies. ContentKeeper has developed its own sandboxing technology, which gives it control of its advanced threat defense strategy by limiting its reliance on partnerships. A bring your own device (BYOD) feature enables ContentKeeper's SWG to enforce Internet access policies for mobile devices and users. ContentKeeper agents and mobile apps support off-network devices (such as Windows, Mac OS X, Linux, ios and Android). ContentKeeper appliances support the ability to proxy and analyze SSL traffic.
4 Page 4 sur 10 ContentKeeper lacks a shared, multitenant, IPsec-based cloud SWG service. It provides a hosted cloud offering, where customers run virtual appliances hosted in Amazon's cloud service (and in some ContentKeeper-managed data centers). Hosted offerings do not scale as dynamically as shared multitenant clouds. ContentKeeper has yet to earn recognition as a leading advanced threat defense company. Prospective customers should carefully test the efficacy of its advanced threat capabilities against competing solutions. The lack of severity indicators on ContentKeeper's dashboard makes it difficult to prioritize malware alerts. Outside the Asia/Pacific region, ContentKeeper has a limited value-added reseller (VAR) channel. Prospective customers should carefully vet ContentKeeper VARs to ensure that they can provide adequate local support. iboss iboss offers a family of appliance-based platforms that are typically deployed in transparent bridge mode. It also offers a cloud-based service. In 2014, iboss began offering a cloud-based advanced threat defense service based on technology that it has licensed from Lastline. iboss is a good option for midsize and large enterprises, and for K-12 schools in supported geographies. iboss has integrated its SWG with the cloud-based sandboxing service that it licenses from Lastline. The iboss SWG can automatically deposit suspicious objects in the sandbox, and the iboss management console displays the results of the analysis. Full SSL content inspection is provided agentless at the gateway, or with an optional agent-based solution on endpoints. The agent is a scalable approach that relieves the iboss appliance of the burden of managing certificates, and of terminating and decrypting SSL traffic. iboss provides lightweight MDM functionality that helps enterprises configure Apple ios and Android devices to use its cloud service. Bandwidth controls are very flexible. For example, bandwidth quotas can be applied to a specific organizational unit in Active Directory, and they can also be assigned to a specific domain. iboss' cloud service lacks IPsec support for mobile devices, which is a common requirement for mobile users (remote offices can be supported via IPsec on routers and firewalls). iboss' advanced threat detection strategy is heavily dependent on the technology that it has licensed from Lastline, which is a small company. If Lastline's status changes, then iboss may need to revisit its advanced threat strategy. iboss has only a limited set of customers outside North America. As it begins a planned international expansion, prospective customers outside North America should validate that iboss partners are qualified to provide sales and technical support. Intel Security (McAfee) McAfee, which is now part of Intel Security, offers a family of on-premises SWG appliances (McAfee Web Gateway [MWG]) and cloud-based SWG services (SaaS Web Protection). The SWG appliances are most commonly implemented as proxies, although they can also be deployed in other modes, including in-line transparent bridges. In October 2013, Intel Security announced its Advanced Threat Defense appliance, which is based on technology from its acquisition of ValidEdge in February Intel Security's solutions are good candidates for most enterprise customers, particularly those that are already epolicy Orchestrator users. MWG has strong malware protection due to its on-box browser code emulation capabilities. The solution provides the ability to adjust the sensitivity of malware detection. A rule-based policy engine enables flexible policy creation. MWG integrates with the Advanced Threat Defense appliance. It automatically deposits suspicious files in the sandbox for analysis. Intel Security has a good implementation of a hybrid cloud/on-premises solution. While policy synchronization is only unidirectional (from on-premises to the cloud), flexible controls enable some policies to be synced, whereas others are not. Log file synchronization can be configured in specified time intervals. MWG provides strong support for scanning SSL traffic. It can be configured to automatically enforce SSL certificate decisions and remove the decision from end users (who almost always accept unknown or expired certificates). In addition to its existing data loss prevention (DLP) support, MWG also protects sensitive data stored in public clouds from unauthorized access. It can automatically encrypt files transmitted to Dropbox and other file sharing and collaboration sites, and users cannot retrieve and decrypt files without going through the MWG. The SaaS Web Protection service does not support an IPsec-based multitenant gateway, which is a common requirement for supporting mobile devices. Intel Security's mobility strategy needs improvement. Its McAfee Client Proxy for Windows is a strong solution, but it does not offer an endpoint client for Mac OS X. Also, Intel Security lacks partnerships with MDM vendors to enforce IPsec tunnels (to SaaS Web Protection) on mobile devices running ios and Android. Intel Security's cloud service has a surprisingly small global footprint (12 data centers), given its resources and the number of years it has been in the SWG market. Newer rivals have been more aggressive in global expansion.
6 Page 6 sur 10 late entry limits Symantec's opportunities in large enterprises, many of which have already implemented advanced threat solutions. Symantec's cloud and mobile strategy needs improvement. The cloud service does not support IPsec, which is a common approach for supporting mobile devices. The Smart Connect agent is a strong solution for Windows endpoints, but it is not available for Mac OS X. The unresolved CEO position casts uncertainty over Symantec's strategic plans in SWGs and advanced threat defense. At the time of this writing, Symantec has an interim CEO. The company has already had three CEOs since Trend Micro Trend Micro offers an on-premises InterScan Web Security (IWS) solution (available as a software or virtual appliance only) and a new cloud service (InterScan Web Security as a Service, whose worldwide rollout was completed in April 2014). IWS can be implemented as a transparent bridge or a proxy. Trend Micro's Deep Discovery is an internally developed advanced threat defense solution based on sandboxing technology. It is available as a hardware appliance. Trend Micro is a candidate primarily for organizations that already have a strategic relationship with the company. The IWS appliance can automatically deposit suspicious files in the Deep Discovery sandbox for analysis. A single console provides a simple approach for synchronizing policies for cloud and on-premises users. Trend Micro's Damage Cleanup Services can provide remote client remediation for known threats. Application control is strong with IWS, and includes the ability to set time of day and bandwidth quota policies. Trend Micro's cloud-based SWG service is new and unproven. It was launched in the Asia/Pacific and Latin America regions in 4Q13, and only became generally available in North America in April Several enterprise-class features are still missing, including DLP support. Gartner rarely sees Trend Micro in competitive deals for SWG-only implementations. Logs from the cloud service cannot be automatically synchronized with logs from the IWS appliance. The cloud logs can be downloaded only manually by the customer from the Web management console. Trustwave Trustwave offers a diversified security product and managed services portfolio. Its Secure Web Gateway appliance (gained via the 2012 acquisition of M86 Security) is a proxy-based gateway that specializes in real-time malware detection. Trustwave's SWG solutions are good options for customers that already have one or more Trustwave products or services, or for those that are seeking an SWG managed service. Trustwave has strong real-time browser code emulation, which is the primary technology in its malware detection strategy. Trustwave's DLP engine is fully integrated with its Secure Web Gateway. Social media support is strong and provides flexible controls for Facebook, Twitter, Google+, LinkedIn and YouTube. Trustwave does not offer a cloud-only SWG service. It discontinued the Trustwave Cloud Web Service in 2013, but continues to offer the Trustwave Secure Web Service Hybrid. The new service requires an on-premises policy server to synchronize with Active Directory. Support for mobile devices (ios and Android) is weak due to Trustwave's lack of an IPsec-based multitenant gateway in its hybrid service offering. The dashboard console is weaker than many competing offerings. It lacks severity indicators to prioritize malware alerts. Dashboard panels provide only limited customization. The Secure Web Gateway lacks the ability to block port-evasive applications, such as BitTorrent and Skype. Websense Websense was acquired by private equity firm Vista Equity Partners in June In 2014, Websense began moving its headquarters from San Diego to Austin, Texas. Websense offers SWG appliances (hardware and software) and a cloud-based service. In October 2013, it announced RiskVision, an appliance that forwards suspicious files to Websense's cloud-based sandbox (known as ThreatScope). Websense appliances are good options for midsize enterprises, and its cloud service is a good option for most enterprises. Websense has a strong offering for organizations that are interested in a hybrid SWG strategy (on-premises and cloud-based). Its Triton management console provides a common point for policy management, reporting and logging in hybrid environments. Websense's Web Security Gateway automatically deposits suspicious files in the ThreatScope cloud sandbox, which was developed in-house by Websense. Websense has extended its DLP technology to its cloud service. The deep packet inspection capabilities of its DLP technology are used to inspect outbound traffic for malware behavior. This feature, which was previously only available on Websense appliances, does not require a DLP license.
7 Page 7 sur 10 The Websense cloud service supports multiple options for traffic redirection (including IPsec), and multiple options for user authentication (including SAML v2). Websense's SWG product portfolio limits the vendor to a primarily midmarket customer base. Gartner estimates that the V5000 and V10000 appliances contribute approximately 95% of Websense's revenue for SWG appliances. Gartner rarely sees Websense's X10G, a blade-server appliance aimed at large enterprises, in competitive bids. Enterprises that are considering the X10G should carefully check references. Websense continues to experience challenges with its service and support organization, based on feedback Gartner has gathered from several Websense customers. Gartner believes that some of the support issues were the result of disruption associated with Websense's corporate relocation to Texas. Prospective customers should verify service-level agreement commitments with Websense's service and support organization. The console for the cloud-only service is different from Websense's Triton console, which is used to manage the hybrid and on-premises solutions. Customers that begin with a cloud-only service and add appliances later (for example, to improve responsiveness in bottleneck locations) would need to switch to the Triton console. Zscaler Zscaler is a pure-play provider of cloud-based SWG services. It continues to be one of the fastestgrowing vendors in this market. In 2014, Zscaler introduced Shift, a cloud-based service that uses DNS to direct traffic through its cloud platform. Shift provides a subset of the security features offered in Zscaler's flagship offerings, and is focused on use cases such as protecting guest Wi-Fi/hot spot users and virtual desktop security. Zscaler also offers a cloud-based sandbox that analyzes suspicious objects that are automatically deposited by its SWG services. These and other innovations have resulted in a strong Completeness of Vision score. Zscaler is a good option for most enterprises that are seeking a cloud-based SWG. Zscaler has the largest global cloud footprint for SWG vendors, with more than 100 policy enforcement nodes in 28 countries, including a strong presence in the Middle East and South America. Zscaler provides flexible implementation options by offering the broadest set of choices for traffic redirection (including IPsec) and authentication (including SAML). Flash cookies enable agentless authentication for mobile users on supported devices. On Android, Samsung Knox integration enables automatic redirection of Knox enterprise container traffic to Zscaler. Zscaler applies all its malware detection engines on all content, including traffic encrypted via SSL, regardless of site reputation. At the time of this writing, Zscaler is the only SWG cloud-based service to expose its cloud uptime and event statistics to the public via its trust.zscaler.com portal. A streaming log service provides near-real-time import of logs from the cloud to on-premises servers, where they can be analyzed by a security information and event management solution. Implementation of Generic Routing Encapsulation (GRE) tunnels for traffic redirection can be complicated by older network gear, lack of capacity and misconfiguration (all network-based redirection techniques, such as IPsec, have these challenges). All enterprises should have preimplementation consultations with Zscaler or its partners to address these commonly known issues. Zscaler encourages the use of proxy autoconfiguration (PAC) files for Windows and Mac OS X systems for mobile employees, but knowledgeable users can subvert PAC file traffic redirection. Also, port-evasive applications (such as Skype, BitTorrent and some malware) will not be forwarded to the Zscaler network from endpoints that rely only on PAC files. Zscaler customer support has improved with a new service and support team, and a more mature operations management process, but support via resellers may be less consistent. The management console lacks severity indicators to prioritize malware alerts. Vendors Added and Dropped We review and adjust our inclusion criteria for Magic Quadrants and MarketScopes as markets change. As a result of these adjustments, the mix of vendors in any Magic Quadrant or MarketScope may change over time. A vendor's appearance in a Magic Quadrant or MarketScope one year and not the next does not necessarily indicate that we have changed our opinion of that vendor. It may be a reflection of a change in the market and, therefore, changed evaluation criteria, or of a change of focus by that vendor. Added None Dropped None Inclusion and Exclusion Criteria These criteria must be met for vendors to be included in this Magic Quadrant:
8 Page 8 sur 10 Vendors must provide all three components of an SWG: URL filtering Anti-malware protection Application control capabilities Pure-play URL filtering solutions have been excluded. The vendor's URL filtering component must be primarily focused on categorizing English language websites. Vendors must have at least $15 million in SWG product revenue in their latest complete fiscal years. Vendors must have an installed base of at least 2,000 customers, or aggregate endpoint coverage of at least 5 million seats. UTM devices and next-generation firewall devices that offer URL filtering and malware protection have been excluded. This Magic Quadrant analyzes solutions that are optimized for SWG functionality. Vendors that license complete SWG products and services from other vendors have been excluded. For example, ISPs and other service providers that offer cloud-based SWG services licensed from other providers have been excluded. Evaluation Criteria Ability to Execute Product or service: This is an evaluation of the features and functions of the vendor's SWG solution. Malware detection and advanced threat defense functionality will be weighted heavily to reflect the significance that enterprises place on these capabilities. Overall viability: This includes an assessment of the overall organization's financial health, the financial and practical success of the business unit, and the likelihood that the business unit will continue to invest in the product. Sales execution/pricing: This is a comparison of pricing relative to the market. Market responsiveness/record: This criterion reflects how quickly the vendor has spotted a market shift and produced a product that potential customers are looking for; it is also the size of the vendor's installed base relative to the amount of time the product has been on the market. Marketing execution: This is the effectiveness of the vendor's marketing programs, and its ability to create awareness and mind share in the SWG market. Customer experience: This is the quality of the customer experience based on reference calls and Gartner client teleconferences. Table 1. Ability to Execute Evaluation Criteria Evaluation Criteria Weighting Product or Service Overall Viability Sales Execution/Pricing Medium High Medium Market Responsiveness/Record Medium Marketing Execution Customer Experience Operations Source: Gartner (June 2014) High Medium Not Rated Completeness of Vision Market understanding: This is the SWG vendor's ability to understand buyers' needs and translate them into products and services. Sales strategy: This is the vendor's strategy for selling to its target audience, and includes an analysis of the appropriate mix of direct and indirect sales channels. Offering (product) strategy: This is an evaluation of the vendor's strategic product direction and its road map for SWG. The product strategy should address trends that are reflected in Gartner's client inquiries. Innovation: This criterion includes product leadership and the ability to deliver features and functions that distinguish the vendor from its competitors. Innovation in areas such as advanced threat defense and cloud-based services were rated highly, since these capabilities are evolving quickly and are highly differentiated among the vendors. Geographic strategy: This is the vendor's strategy for penetrating geographies outside its home or native market. Table 2. Completeness of Vision Evaluation Criteria
9 Page 9 sur 10 Evaluation Criteria Weighting Market Understanding Marketing Strategy Sales Strategy Medium Not Rated Medium Offering (Product) Strategy High Business Model Not Rated Vertical/Industry Strategy Not Rated Innovation Geographic Strategy Source: Gartner (June 2014) High Low Quadrant Descriptions Leaders Leaders are high-momentum vendors (based on sales and mind share growth) with established track records in SWGs, as well as with vision and business investments indicating that they are wellpositioned for the future. Leaders do not necessarily offer the best products and services for every customer project; however, they provide solutions that offer relatively lower risk. Challengers Challengers are established vendors that offer SWG products; however, they do not yet offer strongly differentiated products, or their products are in the early stages of development or deployment. Challengers' products perform well for a significant market segment, but may not show feature richness or particular innovation. Buyers of Challengers' products typically have less complex requirements and/or are motivated by strategic relationships with these vendors rather than requirements. Visionaries Visionaries are distinguished by technical and/or product innovation, but have not yet achieved the record of execution in the SWG market to give them the high visibility of Leaders or they lack the corporate resources of Challengers. Buyers should expect state-of-the-art technology from Visionaries, but be wary of a strategic reliance on these vendors and closely monitor their viability. Visionaries represent good acquisition candidates. Challengers that may have neglected technology innovation and/or vendors in related markets are likely buyers of Visionaries' products. Thus, these vendors represent a slightly higher risk of business disruptions. Niche Players Niche Players' products typically are solid solutions for one of the three primary SWG requirements URL filtering, malware and application control but they lack the comprehensive features of Visionaries and the market presence or resources of Challengers. Customers that are aligned with the focus of a Niche Players vendor often find such provider's offerings to be "best of need" solutions. Niche Players may also have a strong presence in a specific geographic region, but lack a worldwide presence. Context The market is segmented between large enterprises and SMBs. Solutions aimed at SMBs are designed for ease of use, cost-effectiveness and basic security protection. Solutions aimed at large enterprises provide tools and detailed reports that security operations teams can use to respond to advanced threats and malware alerts. Market Overview We estimate that the combined SWG revenue of the Magic Quadrant participants in 2013 was $1.31 billion (which includes on-premises and cloud-based offerings). Revenue from solutions that lack full SWG functionality has been excluded (for example, URL filtering only or proxies sold without antimalware protection). The market grew approximately 11% during 2013, and we anticipate that the market will grow 10% to 12% in Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced or distributed in any form without Gartner s prior written permission. If you are authorized to access this publication, your use of it is subject to the Usage Guidelines for Gartner Services posted on gartner.com. The information contained in this publication has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information and shall have no liability for errors, omissions or inadequacies in such information. This publication consists of the opinions of Gartner s research organization and should not be construed as statements of fact. The opinions expressed herein are subject to change without notice. Although Gartner research may include a discussion of related legal issues, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner is a public company, and its shareholders may include firms and funds that have financial interests in entities covered in Gartner research. Gartner s Board of Directors may include senior managers of these firms or funds. Gartner research is produced independently by its research organization without input or influence from these firms, funds or their managers. For further information on the independence and integrity of Gartner research, see Guiding Principles on Independence and Objectivity.
10 Page 10 sur 10 About Gartner Careers Newsroom Policies Site Index IT Glossary Contact Gartner
G00262738 Magic Quadrant for Secure Web Gateways Published: 23 June 2014 Analyst(s): Lawrence Orans, Peter Firstbrook The SWG market is evolving rapidly as vendors respond to the mobility trend and the
Magic Quadrant for Secure Web Gateways 28 May 2015 ID:G00267241 Analyst(s): Lawrence Orans, Peter Firstbrook VIEW SUMMARY The market for SWG solutions is still dominated by traditional on premises appliances.
Magic Quadrant for Secure Web Gateways 28 May 2015 ID:G00267241 Analyst(s): Lawrence Orans, Peter Firstbrook VIEW SUMMARY The market for SWG solutions is still dominated by traditional on-premises appliances.
Magic Quadrant for Global Enterprise Desktops and Notebooks Gartner RAS Core Research Note G00207470, Stephen Kleynhans, 10 November 2010, R3553 11302011 In the general PC market, price is often the main
G00234572 Magic Quadrant for Secure Web Gateways Published: 24 May 2012 Analyst(s): Lawrence Orans, Peter Firstbrook Secure Web gateways support a wide range of functions. URL filtering and malware detection
Data Sheet Today s highly connected and fast-moving world is filled with complex and sophisticated web security threats. Cisco delivers the strong protection, complete control, and investment value that
1 of 10 11/30/2010 1:00 PM 28 July 2010 Bern Elliot, Steve Blood Gartner RAS Core Research Note G00201349 Unified communications offers the ability to improve how individuals, groups and companies interact
Case Study & POC & Demos Information Type: Case Study Name: Multichannel Campaign Management (MCCM) Description: The IBM Company seeks, as vendor, through the multichannel campaign management (MCCM) services,
Cisco Cloud Web Security: A Key Component of a Unified Security Architecture Marketing/Technical description for services Scope of the Service Cisco Cloud Web Security (previously known as ScanSafe) builds
Guest Speaker Michael Sutton Chief Information Security Officer Zscaler, Inc. Michael Sutton has dedicated his career to conducting leadingedge security research, building world-class security teams and
Magic Quadrant for Global Enterprise Notebook PCs, 2H05 Gartner RAS Core Research Note G00133054, Mikako Kitagawa, Brian Gammage, Leslie Fiering, 12 January 2006, R1662 07222006. Unlike the general notebook
White Paper Cisco ASA and Cloud Web Security: Best-in-Class Network Security Combined with Best-in-Class Web Security Introduction Organizations that want to harness the power of the web must deal with
Naujos kartos ugniasienės Next Generation Firewalls (NGFW) Mindaugas Kubilius, Fortinet sprendimų inžinierius 1 The Evolving Security World The Easy Internet High Degree of IT control Slow rate of change
On and off premises technologies Which is best for you? We don t mind what you buy, as long as it is YELLOW! Warren Sealey and Paul-Christian Garpe On Premises or in the cloud? 1 Agenda Why Symantec? Email
2012 2012 North American Enterprise Firewalls Market Penetration Leadership Award 2012 Frost & Sullivan 1 We Accelerate Growth Market Penetration Leadership Award Enterprise Firewalls North America, 2012
Magic Quadrant for Content-Aware Data Loss Prevention Gartner RAS Core Research Note G00200788, Paul E. Proctor, Eric Ouellet, 2 June 2010, V2 RA2 12062010 The enterprise content-aware data loss prevention
with Cloud-Based Security Services > White Paper It s a phenomenon and a fact: employees are always on today. They connect to the network whenever they want, from wherever they happen to be, with laptops,
ENABLING FAST RESPONSES TO Security INCIDENTS WITH THREAT MONITORING Executive Summary As threats evolve and the effectiveness of signaturebased web security declines, IT departments need to play a bigger,
White Paper Secure Web Gateways Buyer s Guide > (Abbreviated Version) The web is the number one source for malware distribution. With more than 2 million 1 new pages added every day and 10,000 new malicious
February 2014 Considerations When Choosing a Secure Web Gateway Introduction Evaluating a Secure Web Gateway (SWG) can be a complicated process and nothing is better than testing a solution in your own
Cisco Cloud Web Security Datasheet October 2014 Table of Contents Table of Contents... 1 Overview... 2 Features and Benefits by License... 3 CWS Essentials License... 3 CWS Premium... 4 Advanced Threat
Check Point Positions - Gartner Magic Quadrants - IDC Market Share Research 2012 Dean J. Whitehair Analyst Relations October 2012 Version 9.0 Updated 10/17/2012 2012 Check Point Software Technologies Ltd.
Securing BYOD With Network Access Control, a Case Study 29 August 2012 ID:G00226207 Analyst(s): Lawrence Orans VIEW SUMMARY This Case Study highlights how an organization utilized NAC and mobile device
WEBSENSE TRITON SOLUTIONS INNOVATIVE SECURITY FOR WEB, EMAIL, DATA AND MOBILE TRITON STOPS MORE THREATS. WE CAN PROVE IT. PROTECTION AS ADVANCED AND DYNAMIC AS THE THREATS THEMSELVES The security threats
Magic Quadrant for MSSPs, North America, 2H05 Gartner RAS Core Research Note G00137165, Kelly M. Kavanagh, John Pescatore, 30 December 2005, R1601 01052007. The 2H05 Magic Quadrant for managed security
Simple security is better security Or: How complexity became the biggest security threat Christoph Litzbach, Pre-Sales Engineer NSG 1 What do they have in common? DATA BREACH 2 Security is HARD! Components
Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper Trend Micro, Incorporated» A detailed account of why Gartner recognizes Trend Micro as a leader in Virtualization and Cloud
Markets, J. Girard Research Note 8 April 2003 SSL VPN 1H03 Magic Quadrant Evaluation Criteria Secure Sockets Layer virtual private networks are simple, portable and convenient alternatives to IPsec, and
Direct or Transparent Proxy? Choose the right configuration for your gateway. Table of Contents Direct Proxy...3 Transparent Proxy...4 Other Considerations: Managing authentication made easier.....4 SSL
Sophos Acquires Cyberoam Frequently Asked Questions Table of Contents FAQ... 2 What is Sophos announcing?... 2 Who is Cyberoam?... 2 Why is Sophos acquiring Cyberoam?... 2 Why is Sophos acquiring Cyberoam
EXTENDING THREAT PROTECTION AND WHITEPAPER CLOUD-BASED SECURITY SERVICES PROTECT USERS IN ANY LOCATION ACROSS ANY NETWORK It s a phenomenon and a fact: employees are always on today. They connect to the
Securing and Optimizing the Next Generation Branch Office 1 Global Organizations Current state of affairs 3 Globally distributed enterprises rely on the WAN for day to day operations to stay competitive
Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper» Trend Micro s portfolio of solutions meets and exceeds Gartner s recommendations on how to devise a server protection strategy.
Trustwave blocks Web-borne malware - guaranteed, or your money back Analyst: Adrian Sanabria 16 Jul, 2014 Today, Trustwave makes a bold announcement a zero malware guarantee. The anti-malware market has
. THE RADICATI GROUP, INC. The Radicati Group, Inc. Palo Alto, CA 94301 Phone: (650) 322-8059 Fax: (650) 322-8061 www.radicati.com Corporate Web Security - Market Quadrant 2014.......... An Analysis of
The Cisco ASA 5500 as a Superior Firewall Solution The Cisco ASA 5500 Series Adaptive Security Appliance provides leading-edge firewall capabilities and expands to support other security services. Firewalls
. THE RADICATI GROUP, INC. The Radicati Group, Inc. Palo Alto, CA 94301 Phone: (650) 322-8059 www.radicati.com Corporate Web Security - Market Quadrant 2015.......... An Analysis of the Market for Corporate
McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security
TRITON AP-WEB Comprehensive real-time protection against Advanced Threats and data theft Your business and its data are under constant attack. Traditional security solutions no longer provide sufficient
Market Segment Definitions Author Joshua Mittler Overview In addition to product testing, NSS Labs quantitatively evaluates market size for each of the product categories tested. NSS provides metrics that
The Cyber Threat Landscape Oliver Rochford Research Director Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced or distributed in any form without
White Paper Readiness Assessments: Vital to Secure Mobility What You Will Learn Mobile devices have been proven to increase employee productivity and job satisfaction, but can also pose significant threats
Magic Quadrant for CRM Service Providers, North America 30 August 2010 Matthew Goldman, Ed Thompson Gartner RAS Core Research Note G00205524 Demand for CRM project-based consulting and implementation services
Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.
Data Sheet Cisco ISR Web Security with Cisco ScanSafe Cisco Enterprise Branch Web Security The Cisco Integrated Services Router G2 (ISR G2) Family delivers numerous security services, including firewall,
Magic Quadrant for Personal Firewalls, 1Q06 Gartner RAS Core Research Note G00139942, John Girard, 27 June 2006, R1901 06302007 Personal firewalls extend company firewall policy to block attacks against
SA Series SSL VPN Virtual Appliances Data Sheet Published Date July 2015 Product Overview The world s mobile worker population passed the 1 billion mark in 2010 and will grow to more than 1.3 billion by
1 of 7 23-12-2014 9:30 x` Magic Quadrant for Network Access Control 10 December 2014 ID:G00262737 Analyst(s): Lawrence Orans, Claudio Neiva VIEW SUMMARY Most NAC vendors provide good support for the BYOD
SYMANTEC Unified Security, ATP and more TAKE THE NEXT STEP Martin Werner PreSales Consultant, Symantec Switzerland AG MEET SWISS INFOSEC! 27.01.2016 Unified Security 2 Symantec Enterprise Security Users
2011 South African Data Centre Green Excellence Award in Technology Innovation Cybernest 2012 2012 North American Managed Security Service Providers Growth Leadership Award 2011 Frost & Sullivan 1 We Accelerate
Solution Overview Cisco Advanced Malware Protection Breach Prevention, Detection, Response, and Remediation for the Real World BENEFITS Gain unmatched global threat intelligence to strengthen front-line
McAfee Global Threat Intelligence File Reputation Service Best Practices Guide for McAfee VirusScan Enterprise Software Table of Contents McAfee Global Threat Intelligence File Reputation Service McAfee
Providing Secure IT Management & Partnering Solution for Bendigo South East College Why did Bendigo South East College engage alltasksit & DELL? BSEC is in the midst of school population growth in 2015,
Magic Quadrant for Network Access Control VIEW SUMMARY Most NAC vendors provide good support for the BYOD use case. Now, the market is evolving to address another use case, where NAC policy servers act
McAfee Web Gateway Administration Intel Security Education Services Administration Course Training The McAfee Web Gateway Administration course from Education Services provides an in-depth introduction
Magic Quadrant for Enterprise Governance, Risk and Compliance Platforms Gartner RAS Core Research Note G00158295, French Caldwell, Tom Eid, 30 June 2008, R2799 07092009 The market for enterprise governance,
INTRODUCING isheriff CLOUD SECURITY isheriff s cloud-based, multi-layered, threat protection service is the simplest and most cost effective way to protect your organization s data and devices from cyber-threats.
Stallioni Sügisseminar Juha Poutanen, Territory Manager Websense How to open Internet to your employees safely - managing risks of modern Internet web security data security web security email security
Moving Beyond Proxies A Better Approach to Web Security January 2015 Executive Summary Proxy deployments today have outlived their usefulness and practicality. They have joined a long list of legacy security
D Ů V Ě Ř U J T E S I L N Ý M SourceFireNext-Generation IPS Petr Salač CCNP Security, CCNP, CICSP, CCSI #33835 email@example.com Our Customers Biggest Security Challenges Maintaining security posture
Enterprise Security Solutions OVERVIEW For more than 25 years, Trend Micro has innovated constantly to keep our customers ahead of an everevolving IT threat landscape. It s how we got to be the world s
Burton IT1 Research G00234483 Identity Management Published: 9 July 2012 Analyst(s): Ian Glazer, Bob Blakley Identity management (IdM) has become a distinct aggregation of functions for the maintenance
MarketScope for IT Governance, Risk and Compliance Management, 2008 Gartner RAS Core Research Note G00154941, Paul E. Proctor, Mark Nicolett, French Caldwell, 11 February 2008, RA7 03032009 The IT GRCM
1 At-A-GLANCE Deliver Security as a Service Cisco provides superb visibility, consistent control and advanced threat protection before, during, and after an attack. Cloud Web Security Pillars: Administrators
G00262737 Magic Quadrant for Network Access Control Published: 10 December 2014 Analyst(s): Lawrence Orans, Claudio Neiva Most NAC vendors provide good support for the BYOD use case. Now, the market is
Research Publication Date: 20 January 2011 ID Number: G00209766 Emerging PC Life Cycle Configuration Management Vendors Terrence Cosgrove Although the PC configuration life cycle management (PCCLM) market
Enabling Business Beyond the Corporate Network Secure solutions for mobility, cloud and social media 3 Trends Transforming Networks and Security Are you dealing with these challenges? Enterprise networks
Protect your internal users on the Internet with Secure Web Gateway Richard Bible EMEA Security Solution Architect Identity and Access Management (IAM) Solution Authentication, Authorization, and SSO to
Next Gen Firewall and UTM Buyers Guide Implementing and managing a network protected by point solutions is far from simple. But complete protection doesn t have to be complicated. This buyers guide explains
DUBEX CUSTOMER MEETING JOHN YUN Director, Product Marketing Feb 4, 2014 1 AGENDA WebPulse Blue Coat Cloud Service Overview Mobile Device Security 2 WEBPULSE 3 GLOBAL THREAT PROTECTION NEGATIVE DAY DEFENSE
Magic Quadrant for Secure Web Gateway Gartner RAS Core Research Note G00212739, Lawrence Orans, Peter Firstbrook, 25 May 2011, V3RA1 05272012 The growing malware threat continues to drive the SWG market.
Markets, R. Colville Research Note 15 April 2003 2003 Desktop Software Distribution Magic Quadrant Software distribution is the critical component for desktop configuration management. Vendors in our Magic
ZSCALER EBOOK Top 10 Reasons Enterprises are Moving Security to the Cloud A better approach to security Albert Einstein defined insanity as doing the same thing over and over again and expecting different
The Evolution of the Enterprise And Enterprise Security Introduction Today's enterprise is evolving rapidly, with new technologies such as consumer-grade mobile devices, internet-based applications and
WOHIN GEHT DIE REISE TERRE ACTIVE / BLUECOAT ROLAND MARTY Territory Sales Manager Switzerland Septembre 2013 1 NEXT GENERATION SECURITY Headquarters Branch Office Intelligence Internet Control Mobile Users
Cisco SecureX Product Brochure Security Matters More Than Ever Traditional approaches to network security were designed for a single purpose: to protect resources inside the network from threats and malware
2014 Cisco and/or its affiliates. All rights reserved. Cisco Meraki: a complete cloud-managed networking solution - Wireless, switching, security, and MDM, centrally managed over the web - Built from the
White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as
Research Publication Date: 30 August 2005 ID Number: G00123639 Organizations Must Employ Effective Data Security Strategies Rich Mogull Organizations can best protect data through a hierarchical data security
G00245789 Realize That Big Security Data Is Not Big Security Nor Big Intelligence Published: 19 April 2013 Analyst(s): Joseph Feiman Security intelligence's ultimate objective, enterprise protection, is